Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7BoCdqKrBGcD3ckdmWjStQwzxZQ.roa
File: 7BoCdqKrBGcD3ckdmWjStQwzxZQ.roa (raw, json)
Hash identifier: J+df4N0oZcMyBFJ+vWrDxQlm61T0xouIN4WuC6cWGkY=
Subject key identifier: EC:1A:02:76:A2:AB:04:67:03:DD:C9:1D:99:68:D2:B5:0C:33:C5:94
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 01856E2FA1080CBF70928C27BA1138C2C0DA
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7BoCdqKrBGcD3ckdmWjStQwzxZQ.roa
Signing time: Sun 01 Jan 2023 16:34:53 +0000
ROA not before: Sun 01 Jan 2023 16:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206065
IP address blocks: 185.84.220.0/22 maxlen: 22
109.122.243.0/24 maxlen: 24
109.122.244.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 26 Sep 2023 10:25:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:a1:08:0c:bf:70:92:8c:27:ba:11:38:c2:c0:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Jan 1 16:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec1a0276a2ab046703ddc91d9968d2b50c33c594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:10:ba:61:46:ad:6a:bb:bd:ec:89:57:b3:fc:
74:0a:4d:2b:cf:64:56:96:37:3c:0e:fa:36:d0:b2:
af:0b:4a:5b:cd:a8:9a:1b:f2:43:c6:da:77:a1:bc:
6a:e1:08:5f:77:9e:a3:be:22:19:80:fa:0d:55:70:
a0:48:36:c1:5a:f9:a3:1c:91:c6:e9:5c:3d:49:b5:
11:d0:9a:a6:a1:7a:27:90:58:12:25:0f:38:9a:a4:
66:31:87:f6:c6:76:fa:13:03:93:3f:b1:7c:2e:f5:
33:9c:5e:f4:7d:49:7e:1a:83:5d:e2:1d:28:3d:d3:
3a:67:53:a9:6b:04:43:e3:dd:55:0a:87:3e:3c:dd:
cf:85:00:e1:05:78:40:ce:79:6b:8e:32:86:1e:c4:
82:a1:0b:14:42:c2:08:39:29:09:45:d9:7c:62:86:
81:b2:d8:6e:a5:c7:d1:d3:1c:72:79:26:0d:f4:e0:
6b:3d:f1:da:2c:5b:08:87:76:b6:cf:3b:1c:87:42:
ce:14:40:80:33:a7:25:c8:30:1e:3b:26:9d:51:3c:
27:92:ab:43:94:05:82:f6:c4:f5:bd:66:38:73:be:
1b:af:b9:1f:8f:e4:6a:37:0d:bd:37:cd:1b:a0:07:
da:6e:d9:20:39:21:0c:f3:12:03:ac:5e:ab:87:60:
2b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:1A:02:76:A2:AB:04:67:03:DD:C9:1D:99:68:D2:B5:0C:33:C5:94
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7BoCdqKrBGcD3ckdmWjStQwzxZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.243.0-109.122.247.255
185.84.220.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:04:ac:a0:96:23:f6:ad:bb:55:e3:f7:ba:11:4b:c5:dc:76:
3a:90:04:64:46:60:b1:07:fa:b1:54:d3:d1:fa:c4:93:4a:2f:
15:bc:c7:a9:13:3c:77:72:a0:9f:42:a6:9e:06:df:d7:4d:9b:
3d:39:03:ef:dd:1c:cb:42:bc:39:d0:d6:7e:36:c8:e0:0f:f5:
28:85:77:3f:f1:1c:73:6c:81:06:3d:10:45:6a:47:6f:03:bb:
27:0d:c0:42:45:06:01:5c:d7:09:3d:64:08:0e:41:d0:73:64:
52:2e:c5:de:c0:17:ad:84:55:f3:94:0e:b0:bf:d4:11:87:2c:
3b:34:90:18:82:85:80:ce:2e:4f:48:fa:84:c9:e0:55:eb:51:
fa:e5:51:ca:95:3d:ab:bb:4f:6a:8e:4e:62:5a:45:5a:a3:8c:
76:4d:7e:3e:d7:e5:91:93:b1:e4:cb:b7:58:8d:f0:10:fe:6e:
bf:f8:2c:86:b7:a2:b9:12:9d:44:ab:c9:36:2c:20:47:96:b8:
86:f5:ba:86:04:97:8d:e3:76:86:3a:bb:4b:37:ae:79:64:7f:
73:32:9c:f8:ef:b4:2d:88:e3:f0:92:78:4b:b2:22:f1:96:12:
1f:e3:96:5f:6f:e6:19:04:3d:e0:b1:00:4f:00:23:d2:19:b6:
d1:d2:7a:06
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVuL6EIDL9wkownuhE4wsDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjMwMTAxMTYzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzFhMDI3NmEyYWIwNDY3MDNkZGM5MWQ5OTY4ZDJiNTBjMzNjNTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhC6YUataru97IlXs/x0Ck0rz2RW
ljc8Dvo20LKvC0pbzaiaG/JDxtp3obxq4Qhfd56jviIZgPoNVXCgSDbBWvmjHJHG
6Vw9SbUR0JqmoXonkFgSJQ84mqRmMYf2xnb6EwOTP7F8LvUznF70fUl+GoNd4h0o
PdM6Z1OpawRD491VCoc+PN3PhQDhBXhAznlrjjKGHsSCoQsUQsIIOSkJRdl8YoaB
sthupcfR0xxyeSYN9OBrPfHaLFsIh3a2zzsch0LOFECAM6clyDAeOyadUTwnkqtD
lAWC9sT1vWY4c74br7kfj+RqNw29N80boAfabtkgOSEM8xIDrF6rh2ArNQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOwaAnaiqwRnA93JHZlo0rUMM8WUMB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvN0JvQ2RxS3JCR2NEM2NrZG1XalN0UXd6eFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABtevMD
BANtevADBAK5VNwwDQYJKoZIhvcNAQELBQADggEBAAwErKCWI/atu1Xj97oRS8Xc
djqQBGRGYLEH+rFU09H6xJNKLxW8x6kTPHdyoJ9Cpp4G39dNmz05A+/dHMtCvDnQ
1n42yOAP9SiFdz/xHHNsgQY9EEVqR28DuycNwEJFBgFc1wk9ZAgOQdBzZFIuxd7A
F62EVfOUDrC/1BGHLDs0kBiChYDOLk9I+oTJ4FXrUfrlUcqVPau7T2qOTmJaRVqj
jHZNfj7X5ZGTseTLt1iN8BD+br/4LIa3orkSnUSryTYsIEeWuIb1uoYEl43jdoY6
u0s3rnlkf3MynPjvtC2I4/CSeEuyIvGWEh/jll9v5hkEPeCxAE8AI9IZttHSegY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:46 2024 by rpki-client on console-fra.rpki-client.org